| Page(s) : 1 ... 797 798 799 800 801 802 803 804 805 806 [807] 808 809 810 811 812 813 814 815 816 817 ... | Result(s) : 43532 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2021-01-20 | CVE-2021-1300 | cve | Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these... |
| 9.8 | 2021-01-20 | CVE-2021-1301 | cve | Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these... |
| 9.8 | 2021-01-20 | CVE-2021-1138 | cve | Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying ... |
| 9.8 | 2021-01-20 | CVE-2021-1140 | cve | Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying ... |
| 9.8 | 2021-01-20 | CVE-2021-1142 | cve | Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying ... |
| 9.1 | 2021-01-20 | CVE-2021-1225 | cve | Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct SQL injection attacks ... |
| 9.8 | 2021-01-19 | CVE-2020-28480 | cve | The package jointjs before 3.3.0 are vulnerable to Prototype Pollution via util.setByPath (https://resources.jointjs.com/docs/jointjs/v3.2/joint.htmlutil.setByPath). The path us... |
| 9.8 | 2021-01-19 | CVE-2020-35929 | cve | In TinyCheck before commits 9fd360d and ea53de8, the installation script of the tool contained hard-coded credentials to the backend part of the tool. This information could be ... |
| 9.1 | 2021-01-19 | CVE-2021-25323 | cve | The default setting of MISP 2.4.136 did not enable the requirements (aka require_password_confirmation) to provide the previous password when changing a password. |
| 9 | 2021-01-19 | CVE-2020-35128 | cve | Mautic before 3.2.4 is affected by stored XSS. An attacker with permission to manage companies, an application feature, could attack other users, including administrators. For e... |
| 9.8 | 2021-01-19 | CVE-2020-28472 | cve | This affects the package @aws-sdk/shared-ini-file-loader before 1.0.0-rc.9; the package aws-sdk before 2.814.0. If an attacker submits a malicious INI file to an application tha... |
| 9.8 | 2021-01-19 | CVE-2021-22851 | cve | HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter (document management page) to obtain database schema and data. |
| 9.8 | 2021-01-19 | CVE-2021-22850 | cve | HGiga EIP product lacks ineffective access control in certain pages that allow attackers to access database or perform privileged functions. |
| 9.8 | 2021-01-19 | CVE-2021-3177 | cve | Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-... |
| 9 | 2021-01-19 | CVE-2020-35129 | cve | Mautic before 3.2.4 is affected by stored XSS. An attacker with access to Social Monitoring, an application feature, could attack other users, including administrators. For exam... |
| 9.8 | 2021-01-18 | CVE-2021-25294 | cve | OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote code execution. This occurs because lib/DataGrid.php calls unserialize for the pa... |
| 9.8 | 2021-01-15 | CVE-2021-21243 | cve | OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, a Kubernetes REST endpoint exposes two methods that deserialize untrusted data from the request body. Th... |
| 9.8 | 2021-01-15 | CVE-2020-24639 | cve | There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Succ... |
| 9.8 | 2021-01-15 | CVE-2020-24640 | cve | There is a vulnerability caused by insufficient input validation that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Su... |
| 9.8 | 2021-01-15 | CVE-2021-21245 | cve | OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, AttachmentUploadServlet also saves user controlled data (`request.getInputStream()`) to a user specified... |
| Page(s) : 1 ... 797 798 799 800 801 802 803 804 805 806 [807] 808 809 810 811 812 813 814 815 816 817 ... | Result(s) : 43532 |
